Hackers Demand Ransom in Rhode Island Health System Data Breach

| Category | Details |
| --- | --- |
| Threat Actors | International cybercriminal group, potentially ransomware-as-a-service syndicate. |
| Campaign Overview | Breach of Rhode Island’s RIBridges system in December 2024, targeting health and benefits data, followed by ransom demands. |
| Target Regions | Rhode Island, USA. |
| Methodology | Access through an online account; lateral movement to replication infrastructure; exfiltration of core data before encryption. |
| Product Targeted | RIBridges (Rhode Island Benefits System), core replication servers. |
| Malware Reference | Unnamed ransomware and malware detected in file folders during the attack. |
| Tools Used | Ransomware, malware for data exfiltration and encryption, potentially RaaS infrastructure. |
| Vulnerabilities Exploited | Likely weak credentials or misconfigured online accounts enabling lateral movement. |
| TTPs | Credential compromise, lateral movement, data exfiltration, encryption for ransom. |
| Attribution | Sophisticated criminal syndicate; possibly ransomware-as-a-service operators. |
| Recommendations | 1. Freeze credit and enable multi-factor authentication. 2. Strengthen passwords. 3. Monitor for identity theft or fraud. |
| Source | Hackread |

Read full article: https://hackread.com/hackers-leak-partial-cisco-data-4-5tb-exposed-records/

The above summary has been generated by an AI language model

Source: Hackread

Published on: December 17, 2024
